UNDERCODE COMMUNITY

🦑Things to do after installing a Linux server:

1) Make sure a non-root user is configured.
Root is omnipotent and you don't need root rights all the time.

root is also a valid username on almost every Linux system. This means that if remote authentication is enabled, half of an attacker's job - getting a valid username - is done.

In addition, if an attacker can log on as root, no additional permissions are required to perform any action on the system.

For these reasons, it is best to log in as a non-root user and disable root logins for remote access using SSH (explained later).

🦑How to do it?
We will assume that you are logged in as root.

Add a new user using the useradd command. Replace <username> with a username of your choice.

useradd <username>


Set a password using the passwd command for the newly added user:

passwd <username>


2) Make sure the non-root user has sudo permission.
Since you will be logging into this account remotely using Secure Shell (SSH), you will want to be able to perform privileged actions that require root access. This means that the account must have sudo permissions.

🦑How to do it?
The process for creating a sudo user on Ubuntu and CentOS is similar, but the group you add the user to is different.

You must be logged in as root to complete this step.

On CentOS and Red Hat, the wheel group is the standard group used to grant users sudo permission. Add a user to this group using the usermod command:

usermod -aG wheel <username>


Ubuntu uses the sudo group to manage sudo users.

usermod -aG sudo <username>

3) Enabling SSH Key Based Authentication
It is important that key based authentication is enabled for SSH so that it works when we disable password based authentication.

Cracked or compromised passwords are a very common way for attackers to gain access to systems. Spear phishing, spamming that prompts an unsuspecting user to provide credentials, is just one of the common methods of obtaining credentials.

If someone gets your username and password on a system that has key-based authentication enabled and password-based authentication disabled for remote SSH access, the stolen password will no longer grant them access to that server.

4) Make sure SSH is allowed through the ufw firewall.
Before you enable the firewall on your system, you must make sure SSH is allowed. Otherwise, you may be locked out of your system when accessing it remotely.

🦑How to do it?
Ubuntu uses Uncomplicated Firewall (ufw), and CentOS / Red Hat uses firewalld.

On CentOS / Red Hat, use the firewall-cmd command:

sudo firewall-cmd --zone=public --add-service=ssh --permanent


On Ubuntu, use the ufw command like this:

sudo ufw allow ssh

5) Turn on the firewall (only after allowing SSH)
The firewall ensures that only specifically permitted traffic can enter your server. If an attacker gets malware onto your server and it tries to communicate through a prohibited port, or if a service is accidentally enabled, the firewall keeps it from being used to compromise your server or to compromise it further.

🦑How to do it?
On CentOS / Red Hat systems, enable the firewalld systemd service:

sudo systemctl start firewalld
sudo systemctl enable firewalld


On Ubuntu use this command:

sudo ufw enable


6) Configure SSH not to display the banner.
One of the ways an attacker can compromise your server is through bugs in the software that runs your services. The banner can display information about which version of OpenSSH or operating system you are using. There is no point in giving information to the bad guys. Make them work for it!


🦑How to do it?
By default, no banner is displayed on CentOS / Red Hat, so no action is required.

On Ubuntu, you can use:

echo "DebianBanner no" | sudo tee -a /etc/ssh/sshd_config.d/10-my-sshd-settings.conf

7) Disable SSH forwarding.
While it is not uncommon for administrators to use SSH forwarding to encrypt traffic that might otherwise be in cleartext, if you are not using it, you should disable it. Forwarding can be used by an attacker to encrypt traffic so it is harder for you to view it, or to receive traffic that would otherwise be blocked from transmitting using an authorized port and service.


🦑How to do it?
On CentOS / Red Hat, add the following to /etc/ssh/sshd_config:

DisableForwarding yes


On Ubuntu add DisableForwarding yes to the 10-my-sshd-settings.conf file:

echo "DisableForwarding yes" | sudo tee -a /etc/ssh/sshd_config.d/10-my-sshd-settings.conf


don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
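
A way to verify the SSH settings from the Linux server checklist above, as an added example that is not part of the original post: it reads `keyword value` lines in the format printed by `sshd -T` and reports every setting that differs from the checklist. The function names and the sample input are constructed for illustration; `PermitRootLogin no`, `PasswordAuthentication no` and `PubkeyAuthentication yes` are assumed as the concrete settings for steps 1 and 3, which the post does not spell out.

```sh
#!/bin/sh
# Added example: compare effective sshd settings with the checklist above.
# Input: "keyword value" lines on stdin, the format `sshd -T` prints.

# Constructed sample of a server that has not been hardened yet.
sample_weak_sshd_T() {
    cat <<'EOF'
port 22
permitrootlogin yes
passwordauthentication yes
pubkeyauthentication yes
disableforwarding no
debianbanner yes
EOF
}

# Prints one FAIL line per setting that differs; returns 1 if any were found.
check_sshd_hardening() {
    cfg=$(cat)
    fails=0
    # rule = keyword:wanted:absent_ok. absent_ok=1 accepts a missing keyword
    # (DebianBanner only exists in Debian/Ubuntu builds of OpenSSH).
    for rule in permitrootlogin:no:0 passwordauthentication:no:0 \
                pubkeyauthentication:yes:0 disableforwarding:yes:0 \
                debianbanner:no:1
    do
        key=${rule%%:*}; rest=${rule#*:}
        want=${rest%%:*}; absent_ok=${rest#*:}
        # sshd uses the first value it sees for a keyword, so stop at the first match.
        got=$(printf '%s\n' "$cfg" |
              awk -v k="$key" 'tolower($1) == k { print tolower($2); exit }')
        if [ -z "$got" ]; then
            if [ "$absent_ok" = 1 ]; then continue; fi
            got=unset
        fi
        if [ "$got" != "$want" ]; then
            echo "FAIL $key (got $got, want $want)"
            fails=$((fails + 1))
        fi
    done
    [ "$fails" -eq 0 ]
}

# Demo on the constructed sample; on a real host: sudo sshd -T | check_sshd_hardening
sample_weak_sshd_T | check_sshd_hardening || true
```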

🦑A high-risk Swagger JSON vulnerability was found affecting Java/PHP/NodeJS/Ruby:

Attackers use the vulnerability to implant malicious code in the Swagger JSON file to achieve remote execution. The vulnerability exists in OpenAPI (Swagger Code Generator), which is a parameter injection vulnerability. All applications that integrate OpenAPI will be affected.

1) Recently, a vulnerability that exists widely in popular languages such as Java, PHP, NodeJS and Ruby was discovered. The vulnerability exists in OpenAPI (Swagger Code Generator). It is a parameter injection vulnerability, and all applications that integrate OpenAPI will be affected.


2) Attackers can use this vulnerability to implant malicious code in Swagger JSON files for remote execution. It is worth noting that the details and fixes of the vulnerability have been disclosed as early as April 2016, but it does not seem to have received enough attention from the maintainers of Swagger because they have never responded to this matter.

For the sake of safety, relevant developers and technicians should expedite the deployment of vulnerability fixes, so as to eliminate the potential threat of the vulnerability as soon as possible.


🦑DLP ALL YOU NEED TO KNOW:

A) How is DLP used?

1) Most often, DLP security software is located in a perimeter device such as a firewall or spam filter.

2) These devices scan outbound traffic to ensure that no sensitive data is sent outside the network.

3) DLP is typically configured to track emails, instant messages, file transfers, and cloud file storage, triggering transfer stops when sensitive data is detected.

4) It can also be configured to allow specific individuals or groups to bypass DLP filters.

5) These exceptions are usually combined with technologies such as email encryption to prevent unauthorized access to content without decryption.

B) What industries is DLP used in?

1) The need for DLP software varies from industry to industry and really depends on the data processing rules your business must follow.

2) Data loss prevention software is most prevalent in healthcare and finance.

3) Electronic Data Loss Prevention can dramatically improve your information security and even help you comply with legal requirements.

4) If you have sensitive or protected information, you should consider adding a DLP software solution to your infrastructure.
